Protostar/Format 2

This level moves on from format1 and shows how specific values can be written in memory.

This level is at /opt/protostar/bin/format2


#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>

int target;

void vuln()
  char buffer[512];

  fgets(buffer, sizeof(buffer), stdin);
  if(target == 64) {
      printf("you have modified the target :)\n");
  } else {
      printf("target is %d :(\n", target);

int main(int argc, char **argv)

See also

Solving format1 from with a simple Format String vulnerability, exploited with %n.

This is a mirror. Copyright and original can be found here: